Vulnerabilidades en PHOENIX CONTACT
147 resultadosCVE-2026-22320MEDIUMStack-Based Buffer Overflow in TFTP File-Transfer Command Handling over CLIEPSS 0.3%CVE-2024-26288HIGHPHOENIX CONTACT: Lack of SSL support in CHARX SeriesEPSS 0.3%CVE-2023-46144MEDIUMPHOENIX CONTACT: PLCnext Control prone to download of code without integrity checkEPSS 0.3%CVE-2025-41665MEDIUMPhoenix Contact: DoS of the PLC due to incorrect default permissions possibleEPSS 0.3%CVE-2025-25268HIGHUnauthenticated Configuration Access via Exposed API EndpointEPSS 0.3%CVE-2025-25271HIGHOCPP Backend Configuration via Insecure DefaultsEPSS 0.3%CVE-2021-34582MEDIUMPhoenix Contact: FL MGUARD XSS through web-based management and REST APIEPSS 0.3%CVE-2026-41032HIGHPhoenix Contact: Unauthenticated log download vulnerability in the firmware of CHARX SEC-3xxx charging controllersEPSS 0.3%CVE-2024-26002HIGHPHOENIX CONTACT: File ownership manipulation in CHARX SeriesEPSS 0.3%CVE-2026-22322HIGHStored Cross‑Site Scripting in Link Aggregation Name HandlingEPSS 0.3%CVE-2024-28137HIGHPHOENIX CONTACT: privilege escalation due to a TOCTOU vulnerability in the CHARX Series EPSS 0.3%CVE-2025-41692MEDIUMWeak/Predictable root PasswordEPSS 0.3%CVE-2025-25269HIGHLocal Privilege Escalation via Unauthenticated Command InjectionEPSS 0.2%CVE-2021-34563LOWIn WirelessHART-Gateway versions 3.0.8 and 3.0.9 the HttpOnly flag is missing in a cookie which allows client-side javascript to modify itEPSS 0.2%CVE-2025-41669HIGHInsufficient Verification of Data AuthenticityEPSS 0.2%CVE-2021-34560MEDIUMA vulnerability in WirelessHART-Gateway <= 3.0.9 could lead to information exposure of sensitive informationEPSS 0.2%CVE-2022-3461HIGHBuffer Overflow in PHOENIX CONTACT Automationworx Software SuiteEPSS 0.2%CVE-2022-3737HIGHOut-of-bounds Read in PHOENIX CONTACT Automationworx Software SuiteEPSS 0.2%CVE-2025-41697MEDIUMShell access to UART ConsoleEPSS 0.2%CVE-2025-41670HIGHUntrusted Search PathEPSS 0.2%